Hacker breaks Windows 8 Secure Boot

Bootkit to be unveiled at international malware conference.

An Austrian hacker claims to have written a bootkit that circumvents a key security feature in Windows 8.

Peter Kleissner, a programmer and security researcher with a history of finding exploits, said he would reveal details of the attack that bypassed Microsoft’s Secure Boot feature at the international malware conference MalCon later this month.

Kleissner previously designed the Stoned Rootkit that can control systems by using a compromised boot loader to intercept encryption keys and passwords in Windows machines.

“Stoned Lite's infector is just 14KB in size, including driver and bootkit attacking [Windows] 2000 to 8. Bootkit can be started from USB/CD,” Kleissner said on his Twitter feed.

The researcher said the bootkit didn’t attack the Unified Extensible Firmware Interface that will replace BIOS in Windows 8 and is intended to prevent malware being loaded into the system during boot up, and instead relies on older code in the OS.

“It's not attacking UEFI or Secure Boot, right now it's working with the legacy BIOS only,” Kleissner said.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.